我们知道有符号的函数调用很简单了，直接像写c语言一样传参调用即可。但是无符号的就不知道怎么弄了，查遍了整个网络我都没有查到怎么做。只好自己想办法了。总体的思路如下

  1. 保存好所有的现场，如寄存器，当前pc,  返回地址，堆栈等。

  2. 替换返回地址，为当前指令下一个地址

  3. 设置pc去执行函数，

  4. 使用until 命令到执行到的返回地址

  5. until命令执行完成，说明函数也执行完成了，因为是返回地址设置了。

  6. 如果有需要打印一些结果，如p/x x0.

  7. 恢复现场，恢复$pc

 例子是调用一个对象转json的无符号函数，然后打印它返回的结果。

define cs2json
	set $func = 0x00C8EE6C+$libil2cppbase

	set $Saved_x0  = $x0    
	set $Saved_x1  = $x1    
	set $Saved_x2  = $x2    
	set $Saved_x3  = $x3    
	set $Saved_x4  = $x4    
	set $Saved_x5  = $x5    
	set $Saved_x6  = $x6    
	set $Saved_x7  = $x7    
	set $Saved_x8  = $x8    
	set $Saved_x9  = $x9    
	set $Saved_x10 = $x10   
	set $Saved_x11 = $x11   
	set $Saved_x12 = $x12   
	set $Saved_x13 = $x13   
	set $Saved_x14 = $x14   
	set $Saved_x15 = $x15   
	set $Saved_x16 = $x16   
	set $Saved_x17 = $x17   
	set $Saved_x18 = $x18   
	set $Saved_x19 = $x19   
	set $Saved_x20 = $x20   
	set $Saved_x21 = $x21   
	set $Saved_x22 = $x22   
	set $Saved_x23 = $x23   
	set $Saved_x24 = $x24   
	set $Saved_x25 = $x25   
	set $Saved_x26 = $x26   
	set $Saved_x27 = $x27   
	set $Saved_x28 = $x28   
	set $Saved_x29 = $x29   
	set $Saved_x30 = $x30   

	set $savePc= $pc

	set $x0  = $arg0
	set $lr = $pc+4
	set $pc = $func
	until  *$lr

	x/hs ($x0+0x14)

set $x0  = $Saved_x0 
set $x1  = $Saved_x1 
set $x2  = $Saved_x2 
set $x3  = $Saved_x3 
set $x4  = $Saved_x4 
set $x5  = $Saved_x5 
set $x6  = $Saved_x6 
set $x7  = $Saved_x7 
set $x8  = $Saved_x8 
set $x9  = $Saved_x9 
set $x10 = $Saved_x10
set $x11 = $Saved_x11
set $x12 = $Saved_x12
set $x13 = $Saved_x13
set $x14 = $Saved_x14
set $x15 = $Saved_x15
set $x16 = $Saved_x16
set $x17 = $Saved_x17
set $x18 = $Saved_x18
set $x19 = $Saved_x19
set $x20 = $Saved_x20
set $x21 = $Saved_x21
set $x22 = $Saved_x22
set $x23 = $Saved_x23
set $x24 = $Saved_x24
set $x25 = $Saved_x25
set $x26 = $Saved_x26
set $x27 = $Saved_x27
set $x28 = $Saved_x28
set $x29 = $Saved_x29
set $x30 = $Saved_x30
set $pc  = $savePc


end

cs2json